📢 IoT privacy and security concerns 📢
📖 Read
via "ITPro".
We take a look at what's needed to really secure internet-connected devices📖 Read
via "ITPro".
IT PRO
IoT privacy and security concerns | IT PRO
We take a look at what's needed to really secure internet-connected devices
❌ Threat Actors Use Telegram to Spread ‘Eternity’ Malware-as-a-Service ❌
📖 Read
via "Threat Post".
An account promoting the project—which offers a range of threat activity from info-stealing to crypto-mining to ransomware as individual modules—has more than 500 subscribers.📖 Read
via "Threat Post".
Threat Post
Threat Actors Use Telegram to Spread ‘Eternity’ Malware-as-a-Service
An account promoting the project—which offers a range of threat activity from info-stealing to crypto-mining to ransomware as individual modules—has more than 500 subscribers.
🗓️ Ukrainian hacker jailed for selling account credentials on the dark web 🗓️
📖 Read
via "The Daily Swig".
Botnet operator had thousands of hacked credential listings, according to the DoJ📖 Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Ukrainian hacker jailed for selling account credentials on the dark web
Botnet operator had thousands of hacked credential listings, according to the DoJ
🕴 How to Avoid Falling Victim to PayOrGrief's Next Rebrand 🕴
📖 Read
via "Dark Reading".
The group that shut down the second largest city in Greece was not new but a relaunch of DoppelPaymer.📖 Read
via "Dark Reading".
Dark Reading
How to Avoid Falling Victim to PayOrGrief's Next Rebrand
The group that shut down the second largest city in Greece was not new but a relaunch of DoppelPaymer.
🗓️ Brace of Icinga web vulnerabilities ‘easily chained’ to hack IT monitoring software 🗓️
📖 Read
via "The Daily Swig".
Open source IT monitoring system gets patched📖 Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Brace of Icinga web vulnerabilities ‘easily chained’ to hack IT monitoring software
Open source IT monitoring system gets patched
🕴 Data Transformation: 3 Sessions to Attend at RSA 2022 🕴
📖 Read
via "Dark Reading".
Three RSA 2022 sessions take deep dives into the security considerations around data cloud transformation.📖 Read
via "Dark Reading".
Darkreading
Data Transformation: 3 Sessions to Attend at RSAC 2022
Three RSAC 2022 sessions take deep dives into the security considerations around data cloud transformation.
‼ CVE-2020-22983 ‼
📖 Read
via "National Vulnerability Database".
A Server-Side Request Forgery (SSRF) vulnerability exists in MicroStrategy Web SDK 11.1 and earlier, allows remote unauthenticated attackers to conduct a server-side request forgery (SSRF) attack via the srcURL parameter to the shortURL task.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30372 ‼
📖 Read
via "National Vulnerability Database".
Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42969 ‼
📖 Read
via "National Vulnerability Database".
Certain Anaconda3 2021.05 are affected by OS command injection. When a user installs Anaconda, an attacker can create a new file and write something in usercustomize.py. When the user opens the terminal or activates Anaconda, the command will be executed.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30371 ‼
📖 Read
via "National Vulnerability Database".
Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/view_cargo_type.php?id=.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30370 ‼
📖 Read
via "National Vulnerability Database".
Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo_type.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30374 ‼
📖 Read
via "National Vulnerability Database".
Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/?page=transactions/manage_transaction&id=.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42967 ‼
📖 Read
via "National Vulnerability Database".
Unrestricted file upload in /novel-admin/src/main/java/com/java2nb/common/controller/FileController.java in novel-plus all versions allows allows an attacker to upload malicious JSP files.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-29383 ‼
📖 Read
via "National Vulnerability Database".
NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30489 ‼
📖 Read
via "National Vulnerability Database".
WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30373 ‼
📖 Read
via "National Vulnerability Database".
Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/manage_cargo_type.php?id=.📖 Read
via "National Vulnerability Database".
⚠ S3 Ep82: Bugs, bugs, bugs (and Colonial Pipeline again) [Podcast] ⚠
📖 Read
via "Naked Security".
Latest episode - lots to learn - plain English - fun with a serious side - listen now!📖 Read
via "Naked Security".
Naked Security
S3 Ep82: Bugs, bugs, bugs (and Colonial Pipeline again) [Podcast]
Latest episode – lots to learn – plain English – fun with a serious side – listen now!
⚠ Serious Security: Learning from curl’s latest bug update ⚠
📖 Read
via "Naked Security".
Learn how to write plain-speaking and purposeful security advisories from one of the most widely-used open source tools in the world.📖 Read
via "Naked Security".
Naked Security
Serious Security: Learning from curl’s latest bug update
Learn how to write plain-speaking and purposeful security advisories from one of the most widely-used open source tools in the world.
⚠ He cracked passwords for a living – now he’s serving 4 years in prison ⚠
📖 Read
via "Naked Security".
Crooks don't need a password for every user on your network to break in and wreak havoc. One could be enough...📖 Read
via "Naked Security".
🕴 Log4Shell Exploit Threatens Enterprise Data Lakes, AI Poisoning 🕴
📖 Read
via "Dark Reading".
A brand-new attack vector lays open enterprise data lakes, threatening grave consequences for AI use cases like telesurgery or autonomous cars.📖 Read
via "Dark Reading".
Dark Reading
Log4Shell Exploit Threatens Enterprise Data Lakes, AI Poisoning
A brand-new attack vector lays open enterprise data lakes, threatening grave consequences for AI use cases like telesurgery or autonomous cars.
🗓️ Black Hat Asia: ‘If democracy is to survive, technology will have to be tamed’ 🗓️
📖 Read
via "The Daily Swig".
Indian tech policy expert Samir Saran says it’s not too late to ‘course-correct’ after a ‘challenging decade’ for liberal democracies📖 Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Black Hat Asia: ‘If democracy is to survive, technology will have to be tamed’
Indian tech policy expert Samir Saran says it’s not too late to ‘course-correct’ after a ‘challenging decade’ for liberal democracies